What's new and changed in the platform
Platform updates can include new features, bug fixes, and security updates. Updates are listed in reverse chronological order so that the latest release is at the beginning of the topic.
The platform is composed of the IBM Cloud Pak® for Data platform operator and the Cloud Pak for Data control plane. Updates can be released for either or both of these components.
You can see a list of the new features for the platform and all of the services at What's new in IBM Cloud Pak for Data.
Cloud Pak for Data Version 4.7.4
- Platform components
- IBM Cloud Pak for Data platform operator: 4.4.0
This release includes the following changes:
- Updates
-
Version 4.7.4 includes various fixes to the platform operator.
Cloud Pak for Data Version 4.7.3
- Platform components
- IBM Cloud Pak for Data platform operator: 4.3.0
This release includes the following changes:
- Customer-reported issues fixed in this release
-
The following issues, which were reported by customers, are fixed in Cloud Pak for Data Version 4.7.2.
- Issues fixed in this release
-
- After upgrading to Version 4.7, custom monitors fail with a 500 error
-
- Issue: When you try to view information about an alert or event triggered by a custom
monitor, you see the following error:
Error Request failed with status code 500 The data cannot be displayed. You don't have the appropriate permissions to access the Platform Management service. If you need access to the service, contact your administrator
Prior to upgrading to Version 4.7, you could access the information from the web client.
- Resolution: If you have the appropriate permissions to view the Alerts and events page, you can see the alerts and events triggered by a custom monitor.
- Issue: When you try to view information about an alert or event triggered by a custom
monitor, you see the following error:
zen-metastoredb
pods continue to run after upgrading to Version 4.7-
- Issue: The
zen-metastoredb
pods are no longer needed in Version 4.7; however, the pods continue to run after you upgrade to Version 4.7. - Resolution: The
zen-metastoredb
pods are removed when you upgrade to Version 4.7.3.
- Issue: The
Cloud Pak for Data Version 4.7.2
- Platform components
- IBM Cloud Pak for Data platform operator: 4.2.0
This release includes the following changes:
- New features
-
Version 4.7.2 of the Cloud Pak for Data platform includes the following features and updates:
- Use additional attributes to create dynamic user groups
- By default, you can use only four pre-defined attributes to create dynamic user groups. Starting
in Cloud Pak for Data Version 4.7.2, you can use one of the following methods to specify additional
attributes when you create a dynamic user group. For a high-level comparison of the options, see
Specifying
additional attributes that can be used to create dynamic user groups.
- Adding attributes from your LDAP to the Identity Management Service
- If you want to use attributes that are defined in your identity provider, you can configure the Identity Management Service to return the attributes. Then, you can configure Cloud Pak for Data to use the attributes. For more information, see Using additional attributes from your identity provider to create dynamic user groups.
- Creating a custom attribute provider
- If you want to use attributes that are not defined in your identity provider, you can create a custom attributes provider. With a custom attribute provider, you can provide information that is not part of your company's primary IdP. After you create a custom attributes provider, you can configure Cloud Pak for Data to use the attributes. For more information, see Using a custom attribute provider to specify additional attributes that can be used to create dynamic user groups.
- Give a user the minimum role-based access control to install software
- A cluster administrator can give another user the minimum role-based access control (RBAC) to
install various Cloud Pak for Data components. Important: This method is recommended only for customers with rigid security requirements. It is not recommended for most customers because it requires additional planning and maintenance.
- Minimum RBAC to install the scheduling service
- By default, a cluster administrator must install the scheduling service. However, you can optionally give another user the minimum role-based access control (RBAC) that is needed to install the scheduling service. For more information, see Giving a user the minimum RBAC to install the scheduling service.
- Minimum RBAC to install an instance of Cloud Pak for Data
- If a user other than the cluster administrator will install Cloud Pak for Data, you must give a Red Hat® OpenShift® Container Platform user the appropriate permissions to
install the software in the instance projects. You can use one of the following methods to give the
user the required permissions:
- Giving the user the
admin
role (recommended) - To give a user the
admin
role on the projects associated with the instance, see Authorizing a user to act as an instance administrator. - Giving the user the minimum RBAC
- To give a user the required permissions to install the software without giving the user the
admin
role on the projects associated with the instance, see Giving a user the minimum RBAC to install Cloud Pak for Data components
- Giving the user the
- Customer-reported issues fixed in this release
-
The following issues, which were reported by customers, are fixed in Cloud Pak for Data Version 4.7.2.
Cloud Pak for Data Version 4.7.1
- Platform components
- IBM Cloud Pak for Data platform operator: 4.1.0
This release includes the following changes:
- Installation enhancements
-
Version 4.7.1 of the Cloud Pak for Data platform includes the following features and updates:
- Upgrades from Version 4.5
- Starting with Cloud Pak for Data Version 4.7.1, you can upgrade your existing Version 4.5.x environment to Version 4.7. For more information, see Upgrading from IBM Cloud Pak for Version 4.5 to Version 4.7.
Cloud Pak for Data Version 4.7.0
- Platform components
- IBM Cloud Pak for Data platform operator: 4.0.0
This release includes the following changes:
- Red Hat OpenShift Container Platform support
-
You can deploy Cloud Pak for Data Version 4.7 on the following versions of Red Hat OpenShift Container Platform:
- Version 4.10.0 or later fixes
- Version 4.12.0 or later fixes
- Installation enhancements
-
- More control over instances with the private topology
-
Starting in IBM Cloud Pak for Data Version 4.7, each instance of Cloud Pak for Data has its own set of operators. The private topology simplifies the process of installing and managing multiple instances of Cloud Pak for Data at different releases on a single cluster.
The private topology replaces the express installation topology and the specialized installation topology.
If you are upgrading to IBM Cloud Pak for Data Version 4.7, you must migrate your existing installation to the private topology.
For more information, see Supported project (namespace) configurations.
- Install or upgrade multiple components in parallel
-
Starting in IBM Cloud Pak for Data Version 4.7, you can install or upgrade multiple components in parallel. When you run a batch installation or upgrade, the
apply-cr
command automatically installs or upgrades up to 4 components at a time.The
apply-cr
command ensures that the specified components are installed in the correct order. For example, the command ensures that the control plane is installed before any services are installed.You can adjust the number of components that are installed or upgraded in parallel by specifying the
--parallel_num
option. For more information, see themanage apply-cr
command reference.
- New features
-
- FIPS 140-2 compliance
-
Many of the services in IBM Cloud Pak for Data Version 4.7 are FIPS 140-2 compliant.Important: In previous versions of Cloud Pak for Data, most software could be installed on a FIPS-enabled cluster, however, the software did not meet the FIPS requirements. For example:
- The software did not use FIPS-certified modules for encryption.
- Some software implicitly turned off FIPS mode to access modules that were not FIPS-compliant on Red Hat OpenShift Container Platform or on Red Hat Enterprise Linux®.
In Version 4.7, services that are FIPS 140-2 compliant use FIPS-certified modules for encryption and use only modules that are available in FIPS mode. In some situations, this might result in a loss of functionality if the service previously ran on FIPS-enabled clusters without being FIPS 140-2 compliant. For example, some JDBC drivers are not FIPS-compliant, so connections that worked in previous releases of Cloud Pak for Data might not work in Version 4.7. For more information, see Known issues on FIPS-enabled clusters.
For a complete list of the services that are FIPS 140-2 complaint, see Services that support FIPS.
- CIS Benchmarks
-
The CIS Benchmarks, from the Center for Internet Security, are a set of best practices that help security practitioners implement and maintain cybersecurity defenses. The Kubernetes CIS Benchmark includes configuration guidelines for Red Hat OpenShift Container Platform v4.
The IBM Cloud Pak for Data control plane and services are tested against the OpenShift Compliance Operator CIS profiles. For more information, see CIS Benchmark for Red Hat OpenShift Container Platform v4.
- Simpler process to back up and restore Cloud Pak for Data
-
Starting in Cloud Pak for Data Version 4.7, backups that are created with the Cloud Pak for Data OADP backup and restore utility are run at the instance level. With this approach, you can back up and restore all the projects (namespaces) that are associated with an instance of Cloud Pak for Data in a single orchestrated sequence instead of backing up and restoring the projects separately.
For more information, see the following topics:
- Online backup and restore to the same cluster with the Cloud Pak for Data OADP backup and restore utility
- Offline backup and restore to the same cluster with the Cloud Pak for Data OADP backup and restore utility
- Offline backup and restore to a different cluster with the Cloud Pak for Data OADP backup and restore utility
- Estimate the amount of storage for a backup
-
You can use the
cpd-cli oadp du-pv
command to estimate how much storage space you need for a backup. Use the command to ensure that you have sufficient space for your backup. - Cloud Pak for Data APIs restructured and improved
-
The available APIs in Cloud Pak for Data topic includes more links to APIs that you can use. You can also find links to service-specific APIs from service landing pages. For example, you can find the link to the Watson™ Data API from the Watson Knowledge Catalog service landing page.
The Cloud Pak for Data Platform API in IBM® Cloud API Docs now includes the following methods and examples:
- Deprecated features
-
- LDAP integration provided by Cloud Pak for Data
-
By default, IBM Cloud Pak for Data user records are stored in an internal repository. However it is strongly recommended that you use an enterprise-grade password management solution, such as single sign-on (SSO) or LDAP.
If you decide to use an LDAP server, you currently have two methods for connecting to your LDAP server:
- The LDAP integration provided by Cloud Pak for Data.
- The LDAP integration provided by the IBM Cloud Pak foundational services Identity Management Service.
The LDAP integration provided by Cloud Pak for Data is deprecated and will be removed in a future release.
- Installing
- If you are installing IBM Cloud Pak for Data for the first time and you want to use an LDAP server to manage access to the platform, use the LDAP integration provided by the Identity Management Service. For more information, see Integrating with the Identity Management Service.
- Upgrading
- If you are upgrading to IBM Cloud Pak for Data
Version 4.7 and you currently use the LDAP integration provided by Cloud Pak for Data, it is strongly recommended that you migrate
your existing configuration to the Identity Management Service. To migrate your LDAP configuration:
- Integrate with the Identity Management Service.
- Change the
cpadmin
user toadmin
. - Connect to your current LDAP server from the Identity Management Service (links to the IBM Cloud Pak foundational services documentation).
Repeat these steps for each instance of Cloud Pak for Data, that you want to integrate with the Identity Management Service.
- Express and specialized installation topologies
-
Previously, all instance of IBM Cloud Pak for Data on a cluster were managed by a set of shared operators. The location of the operators depended on the installation topology that you chose when you installed IBM Cloud Pak for Data:
- Express installation topology
- In an express installation, the shared IBM Cloud Pak for Data operators were co-located with the shared
IBM Cloud Pak foundational services operators in the
ibm-common-services
project. - Specialized installation topology
- In a specialized installation, the shared IBM Cloud Pak for Data operators were in a separate project from
the shared IBM Cloud Pak foundational services operators,
which were typically in the
ibm-common-services
project.
Starting in IBM Cloud Pak for Data Version 4.7, both of these installation topologies are replaced by the private topology. In the private topology, each instance of Cloud Pak for Data has its own set of operators. When you upgrade to IBM Cloud Pak for Data Version 4.7, you must migrate your current installation to the private topology. For more information, see Upgrading Cloud Pak for Data.
- Submitting a request for data
-
The data requests (workflows instead.) feature was removed. Use
- Offline backup and restore
-
Offline backup and restore is deprecated and will be removed in a future release. It is recommended that you create online backups. For more information, see Backing up and restoring Cloud Pak for Data.
- The
user-home-pvc
persistent volume claim (PVC) was removed - If your custom monitor implementation uses the
user-home-pvc
PVC, you must update your code. For details, see Tutorial: Creating a custom monitor.
- Customer-reported issues fixed in this release
- The following issues, which were reported by customers, have been fixed in Cloud Pak for Data Version 4.7.0: